外文翻译ASP的开发准则及安全管理.docx
《外文翻译ASP的开发准则及安全管理.docx》由会员分享,可在线阅读,更多相关《外文翻译ASP的开发准则及安全管理.docx(10页珍藏版)》请在冰豆网上搜索。
![外文翻译ASP的开发准则及安全管理.docx](https://file1.bdocx.com/fileroot1/2023-1/9/5b489ac8-a3cd-4557-a5b7-80d9511fbee2/5b489ac8-a3cd-4557-a5b7-80d9511fbee21.gif)
外文翻译ASP的开发准则及安全管理
附录
外文原文:
Theexploitationcriteriaandsecuritymanagementoftheasp
Exploitationcriteria:
Applicationservershavebeen,orultimatelywillbeusedinWebserver,whichusuallyoperateintheIISASPpagecomputer.ASPistheonlyobjectofyourclient.Itoffersspecializedsystemsandsecurityconsiderations.WhilemanyoftheWebsitesuseASPsimplynotcomponents,butinthisarticlethatASPistheInternetasabridgebetweentheclientandcomponents.ThefollowingASPcomponentsGuidelines(English):
ASPandthedivisionofservicesbetweencomponents
ASPserverinthemostcommonlyusedbuildingfortheclienttouseHTMLorXMLdocuments,sowefocusedontheuseoftheprogram.Thisleadstoacommonproblem,ifASPpageontheserver,thentheyarepartoftheoperationallevel?
Componentsintheworld,theanswerusuallyisnot.AlthoughtheASPserverisinoperation,butmayberelatedtospaceapplicationsinthesameserver,butitcannotmakeitapartofthebusinesslogic.Withuserinterfacedevelopmenttool,orastheopeningofmorebusinesstooperationalprogramswiththecleardistinctionwillbetremendousreturns.
Letuslookatsomeofthemostimportantoperationallevelandthatleveldivisionguidelines:
SeparationoftheUIcodeandbusinesslogic.ThisincludespreparationcoupledwiththeUIcode,suchastheuseofASPcomponentsMTSinternaltargetitwiththebusinesslogiccodeseparation,asinadifferentDLL.
affairwillbeseparatedwiththeASPpage.ServicesASPincertaincasesbeyondcompare,butthecomponentsandmulti-storeyapplicationswillchangethissituation.Componentsshouldnotbedependentontheclientlayertomanagetheiraffairsandbusinesslogicsemantics.
Willbeexpressedcomponents(usesolicitandresponsivecomponents)andWebserveronthesamemachineand/ortenor.IftheuseofASPinternalcomponentsofthetargetobjectsonremotemachines,thenalloftheinternalcomponentswillbeavailableinretailform.ServerclientaccessisCOM+server,whichsignificantlyreducedtheperformanceandsecurityofcomplicated.ThesemarkingswillbelayinCOM+applicationsmarkas"libraryactivated".
ASPexistinserver,ASPpagesmustbeconsistentwithresourcesharingrules,andremembertoflexibility.Lookatthefollowingdetails:
Inthe"conversation",managementshouldavoiduserspecificstate.KeepASPstatelessandwherepossibletoallowresourcespool.
Modeoperation:
Inevaluatingwhetheracodeofbusinesslogiclayerorexpressed,mayIaskmyself:
"IfIhavetouseclick-phoneapplicationstoreplacemyASPpage,thenthecodearethere?
inter-ideograph;MARGIN:
0cm0cm0pt;TEXT-ALIGN:
justify">"Iftheansweris"yes",thenitcouldtrytobusinesslogiccodeintomachinecodeoruserinterfacetohelp.
Ifchangedaftertheclientcodecannotbeused,orifitisconstructedwiththehelpoftheuserinterface,thecodeisexpressedserviceslayer.ItASPpage,orintheinternalcomponentsused
ASPcomponents.Itdoesnotbelongtotheoperationaltargetsofcomponents.UnderstandingofthedistinctionbetweendesktopandASPclient
Itwasmodularincumbentengine,differenttable'stop'traditionunilineranwin32applicationfromthatasp.Keydistinctiongeneralizeasfollows:
Threadmanagement:
ASPisamulti-clientthreads.Thismeansthatitcanhavemanyactivitiesintheoperation,perhapsatthesametimedealingwithdifferentASPpage.Thisshowsthatitisnottheonlypseudo-objectstoexclusivesystemusers.Thismaybeunexpectedreactions,forexample,intoabadhabit:
theobjectstoredinASPapplicationvariablesorconversation.
Securityenvironment:
ASPistheWebsiteoftheInternetInformationServices5.0implementation,alow,medium,highthreeseparatedegrees.TheWebsitecanevenhavedifferentsecuritysetup,orrefusetoallowanonymousaccess,forcustomerandsoon.Allthesehavegeneratedalotofprograms,namely,theuseofdifferentend-useraccountisyourobject.
Easyrose:
Thisisnotatechnicalissue,butWebapplicationsprovidefacilitiesDeputyeffect.Traditionally,theincreaseinuserbasefordesktopapplications,thenumberofrequestscarefullyplannedwellknowntotheclienttransferred.ASPhaschangedtheprocessinmotionandoperational,ASP-VisualBasicapplicationscanbeconvenientlyopenedforlocalorworldwideforallstaff,allbusinesspartnersandcustomersalluse.Thisapproachcanbeusedtodescribe-ownedsuperlinksindividuale-mailuserscanmakeatenfoldincreaseinthebase.Toprepareforyourapplications?
TheonlywaytounderstandtheintensityofWebsitesfortestingtoobtaintheexpectedvalueoftheactualperformance.Detailedinformationontheintensityofthetest,pleaserefertothe"applicationlifecycle"section.
IntheuseofVisualBasicASPshouldtarget?
Inthecontextoftheestablishmentandabolitionofpagesofyouraudience.Inotherwords,asfaraspossiblesothatnostateASPpagesonlyinastateofdependenceconversationortemporaryapplicationsvariables.NottotargetstorageapplicationsinEnglishorvariables.ThiswilllockinyourconversationASPsystems,theexpectedvalueofflexibilitymaycancelall.Inotherwords,theWebservershandlenomorethanafewdozensofusers.Ifrequired,inEnglishorapplicationsstoredcontent,pleaseturnitintothedataratherthanobjects.Therearemanyothercriteriacanbeobserved.WerecommendthatyoureadMSDNVoices,.J.D.Meiercomposethecolumn"Servinyes">ItUp."
Thecolumnincludesalotoftechnology,practiceandskillsdevelopmentcancontributetotheexpansionandreliableASPcomponentsandapplications.
NottobequotedorapplicationsmemoryatconversationalltheinsertedobjectcomponentsareVisualBasic6.0"cellthread",thatistosaytheyareoperatingintheIntermodule.Thismeansthatifthethreadestablishedtargets,thentheobjectofallresourcesmustusethesamethreads.Manythreads(fromitWebsiteusers)usethesameexamplesAgencytargets,raisesaseriesofactivities,theapplicationprocessmaybecomebottlenecks.
Inaddition,inconversationwithServer.CreateObjectstoredwithintheobjectSTAtobeimplementedthreadscanbeeffectivelylinkedtothecurrentuser,thusitwillbethelargestapplicationstogiveusersafewrestrictionsthe20xN(N=numberofprocessors).
Modeoperation:
Ifyouaccordingtooursuggesttotakeobjectstateless,arenotusedforstorageofaclient,andstoredinthecontextoftheirapplications.Clientwillbeabletoestablishanindependent,useandcancellationoftheirowntarget.Thisreducestheneedformaintainingconversation-becausetheydonotretaintheskillsuniquetothestate.Recommendedapproachistotargetastate,itneedsadatabaseorotherstorageareatovisit(suchascookiesandLDAP).IfapplicationsrequiretheuseofEnglishorthescopeofthedata,thedatashouldinsteaddealwiththesubjectofdatastoredinit.Thedisposeoftheyoucouldbeginonegenera,cameencapsulationversusdesirablevalue.
ASPsecuritymanagement:
Thebasicconceptofsecuritymanagement
SafetymanagementisbasedoninformationandASPsolutiontomanagethesecuritystrategyhassetthesecurityleveldefinitionprocess.Includingmanagementoftheresponsetoviolationsofthesecurityact.ASPcanbecontrolledwithoutfearofattackandASPclientsbusinesscontinuity,sotobeabletodealwithmaliciousattackscouldreallyanart.
Safetymanagementinlargemeasuredependentonthesecuritystrategy.Thesestrategiescouldproducefromdifferentsources.Tobeconsideredwhendesigningsecuritystrategyare:
ServicelevelagreementonthedefinitionofexternalcustomerneedsexternalsecuritylawrequiresexternalsupplierswithintheASPsecuritystrategyandsecuritystrategyintheASPenvironmentintegratedcustomercircumstances,theinternal/externalsecuritystrategy,Foreachsolution,ASPmustbedefinedsecuritystrategy.ThestrategyshouldbebasedonthevariousaspectsofthemostreliableHop.Accordingtocustomerneeds,andeventhebasicstructurewillbeverydifferentdesign.Usuallyusethreesafetydesign:
Thededicatednetworkjointofthebothaspsolutionandsafetyprecautionscompletenessbyaspproceedend-to-endControlusually,thesepurportaspversusproprietarybasicstructuresubassemblypossessfullcontrol,includeaspandclientofcompartment.
Public:
ASPsolutionsandsecuritymeasuresbyASPcomponentcontrol.Usually,thismeansthatwithintheASPisincontrolofitsownwebsite,butdoesnotguaranteetoprovidesolutionstothepublicnetworkwithcontrol.However,theASPcanbeusedas"virtualprivatenetwork"(VPN)tocarryoutsuchtechnicallinksbetweenASPandclientsecurity.
Mixed:
thesolutionisacombinationoftheprevioustwo."dedicated"and"common"solutionsareused.Inensuringsecuritysolutions,andalsoinvolvesASPcustomers.
TherearefivedimensionsoftheprocessneededtoimprovetheMOFmodel:
planning:
planningactivitiesincludingincustomerrequirements,aswellasinternalandexternalstrategiesbasedonthelegitimatedemandsoftheSLAsecuritycomponent.Inadialoguewithclientsatthesametime,itmaybenecessarytoestablishoradjustinternalsecuritystrategy.OfcourseweshoulddecidewhethertodosobytheASP.Thisresultedinalevelofsecurityplanning,includingallaspectsofthesecuritystrategyanddesign(infrastructure,personnel,steps,theenvironment,basiccontracts,etc.).
Implementation:
Putstratificationplanee